package com.back.common.utils;

import com.back.common.enums.RoleCode;
import com.back.vo.JwtVo;
import io.jsonwebtoken.Claims;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;

/**
 * Spring Security工具类
 * 提供获取当前登录用户信息和权限检查等功能
 */
public class SecurityUtil {

    /**
     * 获取当前登录用户的用户名
     */
    public static String getCurrentUsername() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.isAuthenticated() && 
                authentication.getPrincipal() instanceof UserDetails) {
            return ((UserDetails) authentication.getPrincipal()).getUsername();
        }
        return null;
    }
    
    /**
     * 获取当前登录用户ID
     */
    public static Long getCurrentUserId() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.getCredentials() instanceof String) {
            String token = (String) authentication.getCredentials();
            Claims claims = JwtUtil.getTokenBody(token);
            JwtVo jwtVo = JwtVo.fromClaims(claims);
            return jwtVo.getId();
        }
        throw new RuntimeException("无法获取当前用户ID");
    }
    
    /**
     * 判断当前用户是否已认证
     */
    public static boolean isAuthenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null && authentication.isAuthenticated();
    }
    
    /**
     * 判断当前用户是否具有指定角色
     */
    public static boolean hasRole(String role) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
            return authorities.stream()
                    .anyMatch(authority -> authority.getAuthority().equals("ROLE_" + role));
        }
        return false;
    }
    
    /**
     * 判断当前用户是否为管理员
     */
    public static boolean isAdmin() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.getCredentials() instanceof String) {
            String token = (String) authentication.getCredentials();
            Claims claims = JwtUtil.getTokenBody(token);
            JwtVo jwtVo = JwtVo.fromClaims(claims);
            return jwtVo.getRole().equals(RoleCode.ADMIN.getCode());
        }
        return false;
    }
    
    /**
     * 判断当前用户是否为企业用户
     */
    public static boolean isEmployer() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.getCredentials() instanceof String) {
            String token = (String) authentication.getCredentials();
            Claims claims = JwtUtil.getTokenBody(token);
            JwtVo jwtVo = JwtVo.fromClaims(claims);
            return jwtVo.getRole().equals(RoleCode.EMPLOYER.getCode());
        }
        return false;
    }
    
    /**
     * 判断当前用户是否为求职者
     */
    public static boolean isJobSeeker() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.getCredentials() instanceof String) {
            String token = (String) authentication.getCredentials();
            Claims claims = JwtUtil.getTokenBody(token);
            JwtVo jwtVo = JwtVo.fromClaims(claims);
            return jwtVo.getRole().equals(RoleCode.JOB_SEEKER.getCode());
        }
        return false;
    }
    
    /**
     * 获取当前用户的所有权限
     */
    public static Collection<? extends GrantedAuthority> getCurrentUserAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            return authentication.getAuthorities();
        }
        return null;
    }
} 